CVE-2006-4924

Publication date 27 September 2006

Last updated 24 July 2024

Ubuntu priority

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
openssh	7.04 feisty	Fixed 4.3p2-5ubuntu1
	6.10 edgy	Fixed 4.3p2-5ubuntu1
	6.06 LTS dapper	Fixed 4.2p1-7ubuntu3.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-355-1
openssh vulnerabilities
2 October 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-4924